Sharing information between nexuses that use different classification schemes for information access control
First Claim
1. A method, comprising:
- exporting a first copy of data associated with an access control list and stored by a first database system to a second database system, the data stored by the first database system subject to a first classification designation, the first classification designation used by the first database system for controlling access to information stored by the first database system;
- during import of the first copy of the data exported;
- determining that the first copy of the data exported corresponds with a particular translation path that is the shortest among a plurality of translation paths identified in the first copy of data, the particular translation path indicating a particular origin classification associated with a particular classification designation and for updating the access control list, and, in response, mapping, using a translation map associated with the second database system, the first classification designation to a second classification designation, the second classification designation used by the second database system for controlling access to information stored by the second database system, the first classification designation being different than the second classification designation; and
- causing the second database system to store a second copy of the data subject to the second classification designation.
Abstract
Systems and methods for sharing information between distributed computer systems connected to one or more data networks. In particular, a replication system implements methodologies for sharing database information between computer systems where the databases use different classification schemes for information access control.
441 Citations
19 Claims
1. A method, comprising:
- exporting a first copy of data associated with an access control list and stored by a first database system to a second database system, the data stored by the first database system subject to a first classification designation, the first classification designation used by the first database system for controlling access to information stored by the first database system;
- during import of the first copy of the data exported;
- determining that the first copy of the data exported corresponds with a particular translation path that is the shortest among a plurality of translation paths identified in the first copy of data, the particular translation path indicating a particular origin classification associated with a particular classification designation and for updating the access control list, and, in response, mapping, using a translation map associated with the second database system, the first classification designation to a second classification designation, the second classification designation used by the second database system for controlling access to information stored by the second database system, the first classification designation being different than the second classification designation; and
- causing the second database system to store a second copy of the data subject to the second classification designation.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. One or more non-transitory computer-readable media storing one or more programs for execution by one or more processors, the one or more processors comprising instructions configured for:
- exporting a first copy of data associated with an access control list and stored by a first database system to a second database system, the data stored by the first database system subject to a first classification designation, the first classification designation used by the first database system for controlling access to information stored by the first database system;
- during import of the first copy of the data exported;
- determining that the first copy of the data exported corresponds with a particular translation path that is the shortest among a plurality of translation paths identified in the first copy of data, the particular translation path indicating a particular origin classification associated with a particular classification designation and for updating the access control list, and, in response, mapping, using a translation map associated with the second database system, the first classification designation to a second classification designation, the second classification designation used by the second database system for controlling access to information stored by the second database system, the first classification designation being different than the second classification designation; and
- causing the second database system to store a second copy of the data subject to the second classification designation.

Dependent claims: 11, 12, 13, 14

15. A computing system, comprising:
- one or more processors;
- storage media;
- one or more programs stored in the storage media and configured for execution by the one or more processors, the one or more programs comprising instructions configured for;
- exporting a first copy of data associated with an access control list and stored by a first database system to a second database system, the data stored by the first database system subject to a first classification designation, the first classification designation used by the first database system for controlling access to information stored by the first database system;
- during import of the first copy of the data exported;
- determining that the first copy of the data exported corresponds with a particular translation path that is the shortest among a plurality of translation paths identified in the first copy of data, the particular translation path indicating a particular origin classification associated with a particular classification designation and for updating the access control list, and, in response, mapping, using a translation map associated with the second database system, the first classification designation to a second classification designation, the second classification designation used by the second database system for controlling access to information stored by the second database system, the first classification designation being different than the second classification designation; and
- causing the second database system to store a second copy of the data subject to the second classification designation.

Dependent claims: 16, 17, 18, 19

Specification